/* linux/net/ipv6/tcp_ipv6.c */
   1/*
   2 *      TCP over IPv6
   3 *      Linux INET6 implementation
   4 *
   5 *      Authors:
   6 *      Pedro Roque             <roque@di.fc.ul.pt>
   7 *
   8 *      Based on:
   9 *      linux/net/ipv4/tcp.c
  10 *      linux/net/ipv4/tcp_input.c
  11 *      linux/net/ipv4/tcp_output.c
  12 *
  13 *      Fixes:
  14 *      Hideaki YOSHIFUJI       :       sin6_scope_id support
  15 *      YOSHIFUJI Hideaki @USAGI and:   Support IPV6_V6ONLY socket option, which
  16 *      Alexey Kuznetsov                allow both IPv4 and IPv6 sockets to bind
  17 *                                      a single port at the same time.
  18 *      YOSHIFUJI Hideaki @USAGI:       convert /proc/net/tcp6 to seq_file.
  19 *
  20 *      This program is free software; you can redistribute it and/or
  21 *      modify it under the terms of the GNU General Public License
  22 *      as published by the Free Software Foundation; either version
  23 *      2 of the License, or (at your option) any later version.
  24 */
  25
  26#include <linux/bottom_half.h>
  27#include <linux/module.h>
  28#include <linux/errno.h>
  29#include <linux/types.h>
  30#include <linux/socket.h>
  31#include <linux/sockios.h>
  32#include <linux/net.h>
  33#include <linux/jiffies.h>
  34#include <linux/in.h>
  35#include <linux/in6.h>
  36#include <linux/netdevice.h>
  37#include <linux/init.h>
  38#include <linux/jhash.h>
  39#include <linux/ipsec.h>
  40#include <linux/times.h>
  41#include <linux/slab.h>
  42
  43#include <linux/ipv6.h>
  44#include <linux/icmpv6.h>
  45#include <linux/random.h>
  46
  47#include <net/tcp.h>
  48#include <net/ndisc.h>
  49#include <net/inet6_hashtables.h>
  50#include <net/inet6_connection_sock.h>
  51#include <net/ipv6.h>
  52#include <net/transp_v6.h>
  53#include <net/addrconf.h>
  54#include <net/ip6_route.h>
  55#include <net/ip6_checksum.h>
  56#include <net/inet_ecn.h>
  57#include <net/protocol.h>
  58#include <net/xfrm.h>
  59#include <net/snmp.h>
  60#include <net/dsfield.h>
  61#include <net/timewait_sock.h>
  62#include <net/netdma.h>
  63#include <net/inet_common.h>
  64#include <net/secure_seq.h>
  65#include <net/tcp_memcontrol.h>
  66
  67#include <asm/uaccess.h>
  68
  69#include <linux/proc_fs.h>
  70#include <linux/seq_file.h>
  71
  72#include <linux/crypto.h>
  73#include <linux/scatterlist.h>
  74
/* Forward declarations for handlers referenced before their definitions. */
static void	tcp_v6_send_reset(struct sock *sk, struct sk_buff *skb);
static void	tcp_v6_reqsk_send_ack(struct sock *sk, struct sk_buff *skb,
				      struct request_sock *req);

static int	tcp_v6_do_rcv(struct sock *sk, struct sk_buff *skb);
static void	__tcp_v6_send_check(struct sk_buff *skb,
				    const struct in6_addr *saddr,
				    const struct in6_addr *daddr);

static const struct inet_connection_sock_af_ops ipv6_mapped;
static const struct inet_connection_sock_af_ops ipv6_specific;
#ifdef CONFIG_TCP_MD5SIG
static const struct tcp_sock_af_ops tcp_sock_ipv6_specific;
static const struct tcp_sock_af_ops tcp_sock_ipv6_mapped_specific;
#else
/* Stub used when MD5 signature support is compiled out: no key ever matches. */
static struct tcp_md5sig_key *tcp_v6_md5_do_lookup(struct sock *sk,
						   const struct in6_addr *addr)
{
	return NULL;
}
#endif
  96
  97static void inet6_sk_rx_dst_set(struct sock *sk, const struct sk_buff *skb)
  98{
  99        struct dst_entry *dst = skb_dst(skb);
 100        const struct rt6_info *rt = (const struct rt6_info *)dst;
 101
 102        dst_hold(dst);
 103        sk->sk_rx_dst = dst;
 104        inet_sk(sk)->rx_dst_ifindex = skb->skb_iif;
 105        if (rt->rt6i_node)
 106                inet6_sk(sk)->rx_dst_cookie = rt->rt6i_node->fn_sernum;
 107}
 108
 109static void tcp_v6_hash(struct sock *sk)
 110{
 111        if (sk->sk_state != TCP_CLOSE) {
 112                if (inet_csk(sk)->icsk_af_ops == &ipv6_mapped) {
 113                        tcp_prot.hash(sk);
 114                        return;
 115                }
 116                local_bh_disable();
 117                __inet6_hash(sk, NULL);
 118                local_bh_enable();
 119        }
 120}
 121
/* TCP checksum over the IPv6 pseudo-header, folded with @base. */
static __inline__ __sum16 tcp_v6_check(int len,
				   const struct in6_addr *saddr,
				   const struct in6_addr *daddr,
				   __wsum base)
{
	return csum_ipv6_magic(saddr, daddr, len, IPPROTO_TCP, base);
}
 129
 130static __u32 tcp_v6_init_sequence(const struct sk_buff *skb)
 131{
 132        return secure_tcpv6_sequence_number(ipv6_hdr(skb)->daddr.s6_addr32,
 133                                            ipv6_hdr(skb)->saddr.s6_addr32,
 134                                            tcp_hdr(skb)->dest,
 135                                            tcp_hdr(skb)->source);
 136}
 137
/*
 * Connect an IPv6 TCP socket to a remote address.
 *
 * Validates the address (flow label, scope id for link-local), falls back
 * to tcp_v4_connect() for v4-mapped destinations, performs the route and
 * source-address selection, binds a local port, and finally sends the SYN
 * via tcp_connect().  Returns 0 on success or a negative errno.
 */
static int tcp_v6_connect(struct sock *sk, struct sockaddr *uaddr,
			  int addr_len)
{
	struct sockaddr_in6 *usin = (struct sockaddr_in6 *) uaddr;
	struct inet_sock *inet = inet_sk(sk);
	struct inet_connection_sock *icsk = inet_csk(sk);
	struct ipv6_pinfo *np = inet6_sk(sk);
	struct tcp_sock *tp = tcp_sk(sk);
	struct in6_addr *saddr = NULL, *final_p, final;
	struct rt6_info *rt;
	struct flowi6 fl6;
	struct dst_entry *dst;
	int addr_type;
	int err;

	if (addr_len < SIN6_LEN_RFC2133)
		return -EINVAL;

	if (usin->sin6_family != AF_INET6)
		return -EAFNOSUPPORT;

	memset(&fl6, 0, sizeof(fl6));

	if (np->sndflow) {
		/* Caller supplied flow info: a non-zero label must name an
		 * existing flow, whose destination overrides the one given.
		 */
		fl6.flowlabel = usin->sin6_flowinfo&IPV6_FLOWINFO_MASK;
		IP6_ECN_flow_init(fl6.flowlabel);
		if (fl6.flowlabel&IPV6_FLOWLABEL_MASK) {
			struct ip6_flowlabel *flowlabel;
			flowlabel = fl6_sock_lookup(sk, fl6.flowlabel);
			if (flowlabel == NULL)
				return -EINVAL;
			usin->sin6_addr = flowlabel->dst;
			fl6_sock_release(flowlabel);
		}
	}

	/*
	 *	connect() to INADDR_ANY means loopback (BSD'ism).
	 */

	if(ipv6_addr_any(&usin->sin6_addr))
		usin->sin6_addr.s6_addr[15] = 0x1;

	addr_type = ipv6_addr_type(&usin->sin6_addr);

	if(addr_type & IPV6_ADDR_MULTICAST)
		return -ENETUNREACH;

	if (addr_type&IPV6_ADDR_LINKLOCAL) {
		if (addr_len >= sizeof(struct sockaddr_in6) &&
		    usin->sin6_scope_id) {
			/* If interface is set while binding, indices
			 * must coincide.
			 */
			if (sk->sk_bound_dev_if &&
			    sk->sk_bound_dev_if != usin->sin6_scope_id)
				return -EINVAL;

			sk->sk_bound_dev_if = usin->sin6_scope_id;
		}

		/* Connect to link-local address requires an interface */
		if (!sk->sk_bound_dev_if)
			return -EINVAL;
	}

	if (tp->rx_opt.ts_recent_stamp &&
	    !ipv6_addr_equal(&np->daddr, &usin->sin6_addr)) {
		/* New peer: forget timestamp state kept for the old one. */
		tp->rx_opt.ts_recent = 0;
		tp->rx_opt.ts_recent_stamp = 0;
		tp->write_seq = 0;
	}

	np->daddr = usin->sin6_addr;
	np->flow_label = fl6.flowlabel;

	/*
	 *	TCP over IPv4
	 */

	if (addr_type == IPV6_ADDR_MAPPED) {
		u32 exthdrlen = icsk->icsk_ext_hdr_len;
		struct sockaddr_in sin;

		SOCK_DEBUG(sk, "connect: ipv4 mapped\n");

		if (__ipv6_only_sock(sk))
			return -ENETUNREACH;

		sin.sin_family = AF_INET;
		sin.sin_port = usin->sin6_port;
		sin.sin_addr.s_addr = usin->sin6_addr.s6_addr32[3];

		/* Switch the socket over to the IPv4 operations... */
		icsk->icsk_af_ops = &ipv6_mapped;
		sk->sk_backlog_rcv = tcp_v4_do_rcv;
#ifdef CONFIG_TCP_MD5SIG
		tp->af_specific = &tcp_sock_ipv6_mapped_specific;
#endif

		err = tcp_v4_connect(sk, (struct sockaddr *)&sin, sizeof(sin));

		if (err) {
			/* ...and restore the IPv6 ops on failure. */
			icsk->icsk_ext_hdr_len = exthdrlen;
			icsk->icsk_af_ops = &ipv6_specific;
			sk->sk_backlog_rcv = tcp_v6_do_rcv;
#ifdef CONFIG_TCP_MD5SIG
			tp->af_specific = &tcp_sock_ipv6_specific;
#endif
			goto failure;
		} else {
			ipv6_addr_set_v4mapped(inet->inet_saddr, &np->saddr);
			ipv6_addr_set_v4mapped(inet->inet_rcv_saddr,
					       &np->rcv_saddr);
		}

		return err;
	}

	if (!ipv6_addr_any(&np->rcv_saddr))
		saddr = &np->rcv_saddr;

	fl6.flowi6_proto = IPPROTO_TCP;
	fl6.daddr = np->daddr;
	fl6.saddr = saddr ? *saddr : np->saddr;
	fl6.flowi6_oif = sk->sk_bound_dev_if;
	fl6.flowi6_mark = sk->sk_mark;
	fl6.fl6_dport = usin->sin6_port;
	fl6.fl6_sport = inet->inet_sport;

	final_p = fl6_update_dst(&fl6, np->opt, &final);

	security_sk_classify_flow(sk, flowi6_to_flowi(&fl6));

	dst = ip6_dst_lookup_flow(sk, &fl6, final_p, true);
	if (IS_ERR(dst)) {
		err = PTR_ERR(dst);
		goto failure;
	}

	if (saddr == NULL) {
		/* No bound source address: use the one the route chose. */
		saddr = &fl6.saddr;
		np->rcv_saddr = *saddr;
	}

	/* set the source address */
	np->saddr = *saddr;
	inet->inet_rcv_saddr = LOOPBACK4_IPV6;

	sk->sk_gso_type = SKB_GSO_TCPV6;
	__ip6_dst_store(sk, dst, NULL, NULL);

	rt = (struct rt6_info *) dst;
	if (tcp_death_row.sysctl_tw_recycle &&
	    !tp->rx_opt.ts_recent_stamp &&
	    ipv6_addr_equal(&rt->rt6i_dst.addr, &np->daddr))
		tcp_fetch_timewait_stamp(sk, dst);

	/* Account for extension headers in the MSS calculation. */
	icsk->icsk_ext_hdr_len = 0;
	if (np->opt)
		icsk->icsk_ext_hdr_len = (np->opt->opt_flen +
					  np->opt->opt_nflen);

	tp->rx_opt.mss_clamp = IPV6_MIN_MTU - sizeof(struct tcphdr) - sizeof(struct ipv6hdr);

	inet->inet_dport = usin->sin6_port;

	tcp_set_state(sk, TCP_SYN_SENT);
	err = inet6_hash_connect(&tcp_death_row, sk);
	if (err)
		goto late_failure;

	if (!tp->write_seq)
		tp->write_seq = secure_tcpv6_sequence_number(np->saddr.s6_addr32,
							     np->daddr.s6_addr32,
							     inet->inet_sport,
							     inet->inet_dport);

	err = tcp_connect(sk);
	if (err)
		goto late_failure;

	return 0;

late_failure:
	tcp_set_state(sk, TCP_CLOSE);
	__sk_dst_reset(sk);
failure:
	inet->inet_dport = 0;
	sk->sk_route_caps = 0;
	return err;
}
 329
 330static void tcp_v6_mtu_reduced(struct sock *sk)
 331{
 332        struct dst_entry *dst;
 333
 334        if ((1 << sk->sk_state) & (TCPF_LISTEN | TCPF_CLOSE))
 335                return;
 336
 337        dst = inet6_csk_update_pmtu(sk, tcp_sk(sk)->mtu_info);
 338        if (!dst)
 339                return;
 340
 341        if (inet_csk(sk)->icsk_pmtu_cookie > dst_mtu(dst)) {
 342                tcp_sync_mss(sk, dst_mtu(dst));
 343                tcp_simple_retransmit(sk);
 344        }
 345}
 346
/*
 * ICMPv6 error handler for TCP.
 *
 * Locates the socket the quoted segment belonged to, validates the quoted
 * sequence number against the send window, then handles redirects,
 * path-MTU updates and hard errors (possibly aborting a connection that
 * is still being established).
 */
static void tcp_v6_err(struct sk_buff *skb, struct inet6_skb_parm *opt,
		u8 type, u8 code, int offset, __be32 info)
{
	const struct ipv6hdr *hdr = (const struct ipv6hdr*)skb->data;
	const struct tcphdr *th = (struct tcphdr *)(skb->data+offset);
	struct ipv6_pinfo *np;
	struct sock *sk;
	int err;
	struct tcp_sock *tp;
	__u32 seq;
	struct net *net = dev_net(skb->dev);

	sk = inet6_lookup(net, &tcp_hashinfo, &hdr->daddr,
			th->dest, &hdr->saddr, th->source, skb->dev->ifindex);

	if (sk == NULL) {
		ICMP6_INC_STATS_BH(net, __in6_dev_get(skb->dev),
				   ICMP6_MIB_INERRORS);
		return;
	}

	if (sk->sk_state == TCP_TIME_WAIT) {
		inet_twsk_put(inet_twsk(sk));
		return;
	}

	bh_lock_sock(sk);
	/* PKT_TOOBIG is still processed below even while the socket is
	 * owned by user context (it is only deferred); other ICMPs that
	 * would be dropped because of the lock are merely counted.
	 */
	if (sock_owned_by_user(sk) && type != ICMPV6_PKT_TOOBIG)
		NET_INC_STATS_BH(net, LINUX_MIB_LOCKDROPPEDICMPS);

	if (sk->sk_state == TCP_CLOSE)
		goto out;

	/* Drop errors that violate the socket's minimum hop count. */
	if (ipv6_hdr(skb)->hop_limit < inet6_sk(sk)->min_hopcount) {
		NET_INC_STATS_BH(net, LINUX_MIB_TCPMINTTLDROP);
		goto out;
	}

	tp = tcp_sk(sk);
	seq = ntohl(th->seq);
	/* Ignore errors quoting a segment outside the current send window. */
	if (sk->sk_state != TCP_LISTEN &&
	    !between(seq, tp->snd_una, tp->snd_nxt)) {
		NET_INC_STATS_BH(net, LINUX_MIB_OUTOFWINDOWICMPS);
		goto out;
	}

	np = inet6_sk(sk);

	if (type == NDISC_REDIRECT) {
		struct dst_entry *dst = __sk_dst_check(sk, np->dst_cookie);

		if (dst)
			dst->ops->redirect(dst, sk, skb);
	}

	if (type == ICMPV6_PKT_TOOBIG) {
		tp->mtu_info = ntohl(info);
		if (!sock_owned_by_user(sk))
			tcp_v6_mtu_reduced(sk);
		else if (!test_and_set_bit(TCP_MTU_REDUCED_DEFERRED,
					   &tp->tsq_flags))
			sock_hold(sk);	/* released by the deferred handler */
		goto out;
	}

	icmpv6_err_convert(type, code, &err);

	/* Might be for an request_sock */
	switch (sk->sk_state) {
		struct request_sock *req, **prev;
	case TCP_LISTEN:
		if (sock_owned_by_user(sk))
			goto out;

		req = inet6_csk_search_req(sk, &prev, th->dest, &hdr->daddr,
					   &hdr->saddr, inet6_iif(skb));
		if (!req)
			goto out;

		/* ICMPs are not backlogged, hence we cannot get
		 * an established socket here.
		 */
		WARN_ON(req->sk != NULL);

		if (seq != tcp_rsk(req)->snt_isn) {
			NET_INC_STATS_BH(net, LINUX_MIB_OUTOFWINDOWICMPS);
			goto out;
		}

		inet_csk_reqsk_queue_drop(sk, req, prev);
		goto out;

	case TCP_SYN_SENT:
	case TCP_SYN_RECV:  /* Cannot happen.
			       It can, it SYNs are crossed. --ANK */
		if (!sock_owned_by_user(sk)) {
			sk->sk_err = err;
			sk->sk_error_report(sk);		/* Wake people up to see the error (see connect in sock.c) */

			tcp_done(sk);
		} else
			sk->sk_err_soft = err;
		goto out;
	}

	if (!sock_owned_by_user(sk) && np->recverr) {
		sk->sk_err = err;
		sk->sk_error_report(sk);
	} else
		sk->sk_err_soft = err;

out:
	bh_unlock_sock(sk);
	sock_put(sk);
}
 462
 463
/*
 * Build and transmit a SYN+ACK for @req.
 *
 * A route is looked up first if @dst is NULL.  Returns the net_xmit_*
 * result of the transmission, or -ENOMEM when no route or skb could be
 * obtained.
 */
static int tcp_v6_send_synack(struct sock *sk, struct dst_entry *dst,
			      struct flowi6 *fl6,
			      struct request_sock *req,
			      struct request_values *rvp,
			      u16 queue_mapping)
{
	struct inet6_request_sock *treq = inet6_rsk(req);
	struct ipv6_pinfo *np = inet6_sk(sk);
	struct sk_buff * skb;
	int err = -ENOMEM;

	/* First, grab a route. */
	if (!dst && (dst = inet6_csk_route_req(sk, fl6, req)) == NULL)
		goto done;

	skb = tcp_make_synack(sk, dst, req, rvp);

	if (skb) {
		__tcp_v6_send_check(skb, &treq->loc_addr, &treq->rmt_addr);

		fl6->daddr = treq->rmt_addr;
		skb_set_queue_mapping(skb, queue_mapping);
		err = ip6_xmit(sk, skb, fl6, np->opt, np->tclass);
		err = net_xmit_eval(err);
	}

done:
	return err;
}
 493
/* Retransmit a SYN+ACK for @req, accounting it as a retransmitted segment. */
static int tcp_v6_rtx_synack(struct sock *sk, struct request_sock *req,
			     struct request_values *rvp)
{
	struct flowi6 fl6;

	TCP_INC_STATS_BH(sock_net(sk), TCP_MIB_RETRANSSEGS);
	return tcp_v6_send_synack(sk, NULL, &fl6, req, rvp, 0);
}
 502
/* Free the packet options skb cached on a request sock, if any. */
static void tcp_v6_reqsk_destructor(struct request_sock *req)
{
	kfree_skb(inet6_rsk(req)->pktopts);
}
 507
 508#ifdef CONFIG_TCP_MD5SIG
/* Look up the MD5 key configured for peer address @addr, or NULL. */
static struct tcp_md5sig_key *tcp_v6_md5_do_lookup(struct sock *sk,
						   const struct in6_addr *addr)
{
	return tcp_md5_do_lookup(sk, (union tcp_md5_addr *)addr, AF_INET6);
}
 514
/* MD5 key lookup keyed by the destination address of @addr_sk. */
static struct tcp_md5sig_key *tcp_v6_md5_lookup(struct sock *sk,
						struct sock *addr_sk)
{
	return tcp_v6_md5_do_lookup(sk, &inet6_sk(addr_sk)->daddr);
}
 520
/* MD5 key lookup keyed by the remote address of a request sock. */
static struct tcp_md5sig_key *tcp_v6_reqsk_md5_lookup(struct sock *sk,
						      struct request_sock *req)
{
	return tcp_v6_md5_do_lookup(sk, &inet6_rsk(req)->rmt_addr);
}
 526
 527static int tcp_v6_parse_md5_keys (struct sock *sk, char __user *optval,
 528                                  int optlen)
 529{
 530        struct tcp_md5sig cmd;
 531        struct sockaddr_in6 *sin6 = (struct sockaddr_in6 *)&cmd.tcpm_addr;
 532
 533        if (optlen < sizeof(cmd))
 534                return -EINVAL;
 535
 536        if (copy_from_user(&cmd, optval, sizeof(cmd)))
 537                return -EFAULT;
 538
 539        if (sin6->sin6_family != AF_INET6)
 540                return -EINVAL;
 541
 542        if (!cmd.tcpm_keylen) {
 543                if (ipv6_addr_v4mapped(&sin6->sin6_addr))
 544                        return tcp_md5_do_del(sk, (union tcp_md5_addr *)&sin6->sin6_addr.s6_addr32[3],
 545                                              AF_INET);
 546                return tcp_md5_do_del(sk, (union tcp_md5_addr *)&sin6->sin6_addr,
 547                                      AF_INET6);
 548        }
 549
 550        if (cmd.tcpm_keylen > TCP_MD5SIG_MAXKEYLEN)
 551                return -EINVAL;
 552
 553        if (ipv6_addr_v4mapped(&sin6->sin6_addr))
 554                return tcp_md5_do_add(sk, (union tcp_md5_addr *)&sin6->sin6_addr.s6_addr32[3],
 555                                      AF_INET, cmd.tcpm_key, cmd.tcpm_keylen, GFP_KERNEL);
 556
 557        return tcp_md5_do_add(sk, (union tcp_md5_addr *)&sin6->sin6_addr,
 558                              AF_INET6, cmd.tcpm_key, cmd.tcpm_keylen, GFP_KERNEL);
 559}
 560
/*
 * Feed the IPv6 TCP pseudo-header (RFC 2460) into the MD5 hash state.
 * Returns the crypto layer's status (0 on success).
 */
static int tcp_v6_md5_hash_pseudoheader(struct tcp_md5sig_pool *hp,
					const struct in6_addr *daddr,
					const struct in6_addr *saddr, int nbytes)
{
	struct tcp6_pseudohdr *bp;
	struct scatterlist sg;

	bp = &hp->md5_blk.ip6;
	/* 1. TCP pseudo-header (RFC2460) */
	bp->saddr = *saddr;
	bp->daddr = *daddr;
	bp->protocol = cpu_to_be32(IPPROTO_TCP);
	bp->len = cpu_to_be32(nbytes);

	sg_init_one(&sg, bp, sizeof(*bp));
	return crypto_hash_update(&hp->md5_desc, &sg, sizeof(*bp));
}
 578
/*
 * Compute the MD5 signature over pseudo-header + TCP header + key into
 * @md5_hash (16 bytes).  Returns 0 on success; on failure @md5_hash is
 * zeroed and 1 is returned.
 */
static int tcp_v6_md5_hash_hdr(char *md5_hash, struct tcp_md5sig_key *key,
			       const struct in6_addr *daddr, struct in6_addr *saddr,
			       const struct tcphdr *th)
{
	struct tcp_md5sig_pool *hp;
	struct hash_desc *desc;

	/* Per-CPU hash pool; must be released on every exit path. */
	hp = tcp_get_md5sig_pool();
	if (!hp)
		goto clear_hash_noput;
	desc = &hp->md5_desc;

	if (crypto_hash_init(desc))
		goto clear_hash;
	if (tcp_v6_md5_hash_pseudoheader(hp, daddr, saddr, th->doff << 2))
		goto clear_hash;
	if (tcp_md5_hash_header(hp, th))
		goto clear_hash;
	if (tcp_md5_hash_key(hp, key))
		goto clear_hash;
	if (crypto_hash_final(desc, md5_hash))
		goto clear_hash;

	tcp_put_md5sig_pool();
	return 0;

clear_hash:
	tcp_put_md5sig_pool();
clear_hash_noput:
	memset(md5_hash, 0, 16);
	return 1;
}
 611
/*
 * Compute the MD5 signature over an entire segment (pseudo-header, TCP
 * header, payload, key) into @md5_hash.  The addresses are taken from the
 * socket, the request sock, or the skb's own headers - in that order of
 * preference.  Returns 0 on success, 1 (with @md5_hash zeroed) on failure.
 */
static int tcp_v6_md5_hash_skb(char *md5_hash, struct tcp_md5sig_key *key,
			       const struct sock *sk,
			       const struct request_sock *req,
			       const struct sk_buff *skb)
{
	const struct in6_addr *saddr, *daddr;
	struct tcp_md5sig_pool *hp;
	struct hash_desc *desc;
	const struct tcphdr *th = tcp_hdr(skb);

	if (sk) {
		saddr = &inet6_sk(sk)->saddr;
		daddr = &inet6_sk(sk)->daddr;
	} else if (req) {
		saddr = &inet6_rsk(req)->loc_addr;
		daddr = &inet6_rsk(req)->rmt_addr;
	} else {
		const struct ipv6hdr *ip6h = ipv6_hdr(skb);
		saddr = &ip6h->saddr;
		daddr = &ip6h->daddr;
	}

	/* Per-CPU hash pool; must be released on every exit path. */
	hp = tcp_get_md5sig_pool();
	if (!hp)
		goto clear_hash_noput;
	desc = &hp->md5_desc;

	if (crypto_hash_init(desc))
		goto clear_hash;

	if (tcp_v6_md5_hash_pseudoheader(hp, daddr, saddr, skb->len))
		goto clear_hash;
	if (tcp_md5_hash_header(hp, th))
		goto clear_hash;
	if (tcp_md5_hash_skb_data(hp, skb, th->doff << 2))
		goto clear_hash;
	if (tcp_md5_hash_key(hp, key))
		goto clear_hash;
	if (crypto_hash_final(desc, md5_hash))
		goto clear_hash;

	tcp_put_md5sig_pool();
	return 0;

clear_hash:
	tcp_put_md5sig_pool();
clear_hash_noput:
	memset(md5_hash, 0, 16);
	return 1;
}
 662
 663static int tcp_v6_inbound_md5_hash(struct sock *sk, const struct sk_buff *skb)
 664{
 665        const __u8 *hash_location = NULL;
 666        struct tcp_md5sig_key *hash_expected;
 667        const struct ipv6hdr *ip6h = ipv6_hdr(skb);
 668        const struct tcphdr *th = tcp_hdr(skb);
 669        int genhash;
 670        u8 newhash[16];
 671
 672        hash_expected = tcp_v6_md5_do_lookup(sk, &ip6h->saddr);
 673        hash_location = tcp_parse_md5sig_option(th);
 674
 675        /* We've parsed the options - do we have a hash? */
 676        if (!hash_expected && !hash_location)
 677                return 0;
 678
 679        if (hash_expected && !hash_location) {
 680                NET_INC_STATS_BH(sock_net(sk), LINUX_MIB_TCPMD5NOTFOUND);
 681                return 1;
 682        }
 683
 684        if (!hash_expected && hash_location) {
 685                NET_INC_STATS_BH(sock_net(sk), LINUX_MIB_TCPMD5UNEXPECTED);
 686                return 1;
 687        }
 688
 689        /* check the signature */
 690        genhash = tcp_v6_md5_hash_skb(newhash,
 691                                      hash_expected,
 692                                      NULL, NULL, skb);
 693
 694        if (genhash || memcmp(hash_location, newhash, 16) != 0) {
 695                net_info_ratelimited("MD5 Hash %s for [%pI6c]:%u->[%pI6c]:%u\n",
 696                                     genhash ? "failed" : "mismatch",
 697                                     &ip6h->saddr, ntohs(th->source),
 698                                     &ip6h->daddr, ntohs(th->dest));
 699                return 1;
 700        }
 701        return 0;
 702}
 703#endif
 704
/* Request-sock operations used for incoming IPv6 TCP connection requests. */
struct request_sock_ops tcp6_request_sock_ops __read_mostly = {
	.family		=	AF_INET6,
	.obj_size	=	sizeof(struct tcp6_request_sock),
	.rtx_syn_ack	=	tcp_v6_rtx_synack,
	.send_ack	=	tcp_v6_reqsk_send_ack,
	.destructor	=	tcp_v6_reqsk_destructor,
	.send_reset	=	tcp_v6_send_reset,
	.syn_ack_timeout =	tcp_syn_ack_timeout,
};
 714
 715#ifdef CONFIG_TCP_MD5SIG
/* MD5 operations attached to IPv6 request socks. */
static const struct tcp_request_sock_ops tcp_request_sock_ipv6_ops = {
	.md5_lookup	=	tcp_v6_reqsk_md5_lookup,
	.calc_md5_hash	=	tcp_v6_md5_hash_skb,
};
 720#endif
 721
 722static void __tcp_v6_send_check(struct sk_buff *skb,
 723                                const struct in6_addr *saddr, const struct in6_addr *daddr)
 724{
 725        struct tcphdr *th = tcp_hdr(skb);
 726
 727        if (skb->ip_summed == CHECKSUM_PARTIAL) {
 728                th->check = ~tcp_v6_check(skb->len, saddr, daddr, 0);
 729                skb->csum_start = skb_transport_header(skb) - skb->head;
 730                skb->csum_offset = offsetof(struct tcphdr, check);
 731        } else {
 732                th->check = tcp_v6_check(skb->len, saddr, daddr,
 733                                         csum_partial(th, th->doff << 2,
 734                                                      skb->csum));
 735        }
 736}
 737
 738static void tcp_v6_send_check(struct sock *sk, struct sk_buff *skb)
 739{
 740        struct ipv6_pinfo *np = inet6_sk(sk);
 741
 742        __tcp_v6_send_check(skb, &np->saddr, &np->daddr);
 743}
 744
 745static int tcp_v6_gso_send_check(struct sk_buff *skb)
 746{
 747        const struct ipv6hdr *ipv6h;
 748        struct tcphdr *th;
 749
 750        if (!pskb_may_pull(skb, sizeof(*th)))
 751                return -EINVAL;
 752
 753        ipv6h = ipv6_hdr(skb);
 754        th = tcp_hdr(skb);
 755
 756        th->check = 0;
 757        skb->ip_summed = CHECKSUM_PARTIAL;
 758        __tcp_v6_send_check(skb, &ipv6h->saddr, &ipv6h->daddr);
 759        return 0;
 760}
 761
 762static struct sk_buff **tcp6_gro_receive(struct sk_buff **head,
 763                                         struct sk_buff *skb)
 764{
 765        const struct ipv6hdr *iph = skb_gro_network_header(skb);
 766
 767        switch (skb->ip_summed) {
 768        case CHECKSUM_COMPLETE:
 769                if (!tcp_v6_check(skb_gro_len(skb), &iph->saddr, &iph->daddr,
 770                                  skb->csum)) {
 771                        skb->ip_summed = CHECKSUM_UNNECESSARY;
 772                        break;
 773                }
 774
 775                /* fall through */
 776        case CHECKSUM_NONE:
 777                NAPI_GRO_CB(skb)->flush = 1;
 778                return NULL;
 779        }
 780
 781        return tcp_gro_receive(head, skb);
 782}
 783
 784static int tcp6_gro_complete(struct sk_buff *skb)
 785{
 786        const struct ipv6hdr *iph = ipv6_hdr(skb);
 787        struct tcphdr *th = tcp_hdr(skb);
 788
 789        th->check = ~tcp_v6_check(skb->len - skb_transport_offset(skb),
 790                                  &iph->saddr, &iph->daddr, 0);
 791        skb_shinfo(skb)->gso_type = SKB_GSO_TCPV6;
 792
 793        return tcp_gro_complete(skb);
 794}
 795
/*
 * Build and send a bare control segment (RST or ACK) in response to @skb,
 * with the addresses and ports of @skb swapped.  Optionally carries a
 * timestamp option (@ts) and an MD5 signature (@key).  Sent from the
 * per-namespace control socket, so no real socket is required.
 */
static void tcp_v6_send_response(struct sk_buff *skb, u32 seq, u32 ack, u32 win,
				 u32 ts, struct tcp_md5sig_key *key, int rst, u8 tclass)
{
	const struct tcphdr *th = tcp_hdr(skb);
	struct tcphdr *t1;
	struct sk_buff *buff;
	struct flowi6 fl6;
	struct net *net = dev_net(skb_dst(skb)->dev);
	struct sock *ctl_sk = net->ipv6.tcp_sk;
	unsigned int tot_len = sizeof(struct tcphdr);
	struct dst_entry *dst;
	__be32 *topt;

	/* Account for the options before allocating the reply skb. */
	if (ts)
		tot_len += TCPOLEN_TSTAMP_ALIGNED;
#ifdef CONFIG_TCP_MD5SIG
	if (key)
		tot_len += TCPOLEN_MD5SIG_ALIGNED;
#endif

	buff = alloc_skb(MAX_HEADER + sizeof(struct ipv6hdr) + tot_len,
			 GFP_ATOMIC);
	if (buff == NULL)
		return;

	skb_reserve(buff, MAX_HEADER + sizeof(struct ipv6hdr) + tot_len);

	t1 = (struct tcphdr *) skb_push(buff, tot_len);
	skb_reset_transport_header(buff);

	/* Swap the send and the receive. */
	memset(t1, 0, sizeof(*t1));
	t1->dest = th->source;
	t1->source = th->dest;
	t1->doff = tot_len / 4;
	t1->seq = htonl(seq);
	t1->ack_seq = htonl(ack);
	t1->ack = !rst || !th->ack;
	t1->rst = rst;
	t1->window = htons(win);

	/* Options follow the fixed header as 32-bit words. */
	topt = (__be32 *)(t1 + 1);

	if (ts) {
		*topt++ = htonl((TCPOPT_NOP << 24) | (TCPOPT_NOP << 16) |
				(TCPOPT_TIMESTAMP << 8) | TCPOLEN_TIMESTAMP);
		*topt++ = htonl(tcp_time_stamp);
		*topt++ = htonl(ts);
	}

#ifdef CONFIG_TCP_MD5SIG
	if (key) {
		*topt++ = htonl((TCPOPT_NOP << 24) | (TCPOPT_NOP << 16) |
				(TCPOPT_MD5SIG << 8) | TCPOLEN_MD5SIG);
		tcp_v6_md5_hash_hdr((__u8 *)topt, key,
				    &ipv6_hdr(skb)->saddr,
				    &ipv6_hdr(skb)->daddr, t1);
	}
#endif

	/* Route the reply back to the originator of @skb. */
	memset(&fl6, 0, sizeof(fl6));
	fl6.daddr = ipv6_hdr(skb)->saddr;
	fl6.saddr = ipv6_hdr(skb)->daddr;

	buff->ip_summed = CHECKSUM_PARTIAL;
	buff->csum = 0;

	__tcp_v6_send_check(buff, &fl6.saddr, &fl6.daddr);

	fl6.flowi6_proto = IPPROTO_TCP;
	if (ipv6_addr_type(&fl6.daddr) & IPV6_ADDR_LINKLOCAL)
		fl6.flowi6_oif = inet6_iif(skb);
	fl6.fl6_dport = t1->dest;
	fl6.fl6_sport = t1->source;
	security_skb_classify_flow(skb, flowi6_to_flowi(&fl6));

	/* Pass the control socket to ip6_dst_lookup_flow(); the underlying
	 * function uses it only to retrieve the network namespace.
	 */
	dst = ip6_dst_lookup_flow(ctl_sk, &fl6, NULL, false);
	if (!IS_ERR(dst)) {
		skb_dst_set(buff, dst);
		ip6_xmit(ctl_sk, buff, &fl6, NULL, tclass);
		TCP_INC_STATS_BH(net, TCP_MIB_OUTSEGS);
		if (rst)
			TCP_INC_STATS_BH(net, TCP_MIB_OUTRSTS);
		return;
	}

	kfree_skb(buff);
}
 888
/* Send a RST in reply to a segment that matched no live socket, or whose
 * MD5 signature failed.  @sk may be NULL (no socket found); in that case,
 * when the segment carries an MD5 option, we try to locate a listener by
 * destination address/source port purely to fetch the MD5 key, so the RST
 * itself can be signed.  Mirrors tcp_v4_send_reset().
 */
static void tcp_v6_send_reset(struct sock *sk, struct sk_buff *skb)
{
        const struct tcphdr *th = tcp_hdr(skb);
        u32 seq = 0, ack_seq = 0;
        struct tcp_md5sig_key *key = NULL;
#ifdef CONFIG_TCP_MD5SIG
        const __u8 *hash_location = NULL;
        struct ipv6hdr *ipv6h = ipv6_hdr(skb);
        unsigned char newhash[16];
        int genhash;
        struct sock *sk1 = NULL;
#endif

        /* Never answer a RST with a RST (avoids RST storms). */
        if (th->rst)
                return;

        /* RFC-style sanity: only unicast destinations get a reset. */
        if (!ipv6_unicast_destination(skb))
                return;

#ifdef CONFIG_TCP_MD5SIG
        hash_location = tcp_parse_md5sig_option(th);
        if (!sk && hash_location) {
                /*
                 * active side is lost. Try to find listening socket through
                 * source port, and then find md5 key through listening socket.
                 * we are not loose security here:
                 * Incoming packet is checked with md5 hash with finding key,
                 * no RST generated if md5 hash doesn't match.
                 */
                sk1 = inet6_lookup_listener(dev_net(skb_dst(skb)->dev),
                                           &tcp_hashinfo, &ipv6h->daddr,
                                           ntohs(th->source), inet6_iif(skb));
                if (!sk1)
                        return;

                /* rcu_read_lock() covers the md5 key lookup below; the
                 * matching unlock is at release_sk1. */
                rcu_read_lock();
                key = tcp_v6_md5_do_lookup(sk1, &ipv6h->saddr);
                if (!key)
                        goto release_sk1;

                genhash = tcp_v6_md5_hash_skb(newhash, key, NULL, NULL, skb);
                if (genhash || memcmp(hash_location, newhash, 16) != 0)
                        goto release_sk1;
        } else {
                key = sk ? tcp_v6_md5_do_lookup(sk, &ipv6h->saddr) : NULL;
        }
#endif

        /* Choose SEQ/ACK per RFC 793: echo their ACK as our SEQ when the
         * segment had ACK set; otherwise ACK everything they sent. */
        if (th->ack)
                seq = ntohl(th->ack_seq);
        else
                ack_seq = ntohl(th->seq) + th->syn + th->fin + skb->len -
                          (th->doff << 2);

        tcp_v6_send_response(skb, seq, ack_seq, 0, 0, key, 1, 0);

#ifdef CONFIG_TCP_MD5SIG
/* Fall-through on success is intentional: sk1 is NULL unless the
 * listener-lookup path above was taken. */
release_sk1:
        if (sk1) {
                rcu_read_unlock();
                sock_put(sk1);
        }
#endif
}
 953
 954static void tcp_v6_send_ack(struct sk_buff *skb, u32 seq, u32 ack, u32 win, u32 ts,
 955                            struct tcp_md5sig_key *key, u8 tclass)
 956{
 957        tcp_v6_send_response(skb, seq, ack, win, ts, key, 0, tclass);
 958}
 959
 960static void tcp_v6_timewait_ack(struct sock *sk, struct sk_buff *skb)
 961{
 962        struct inet_timewait_sock *tw = inet_twsk(sk);
 963        struct tcp_timewait_sock *tcptw = tcp_twsk(sk);
 964
 965        tcp_v6_send_ack(skb, tcptw->tw_snd_nxt, tcptw->tw_rcv_nxt,
 966                        tcptw->tw_rcv_wnd >> tw->tw_rcv_wscale,
 967                        tcptw->tw_ts_recent, tcp_twsk_md5_key(tcptw),
 968                        tw->tw_tclass);
 969
 970        inet_twsk_put(tw);
 971}
 972
 973static void tcp_v6_reqsk_send_ack(struct sock *sk, struct sk_buff *skb,
 974                                  struct request_sock *req)
 975{
 976        tcp_v6_send_ack(skb, tcp_rsk(req)->snt_isn + 1, tcp_rsk(req)->rcv_isn + 1, req->rcv_wnd, req->ts_recent,
 977                        tcp_v6_md5_do_lookup(sk, &ipv6_hdr(skb)->daddr), 0);
 978}
 979
 980
 981static struct sock *tcp_v6_hnd_req(struct sock *sk,struct sk_buff *skb)
 982{
 983        struct request_sock *req, **prev;
 984        const struct tcphdr *th = tcp_hdr(skb);
 985        struct sock *nsk;
 986
 987        /* Find possible connection requests. */
 988        req = inet6_csk_search_req(sk, &prev, th->source,
 989                                   &ipv6_hdr(skb)->saddr,
 990                                   &ipv6_hdr(skb)->daddr, inet6_iif(skb));
 991        if (req)
 992                return tcp_check_req(sk, skb, req, prev);
 993
 994        nsk = __inet6_lookup_established(sock_net(sk), &tcp_hashinfo,
 995                        &ipv6_hdr(skb)->saddr, th->source,
 996                        &ipv6_hdr(skb)->daddr, ntohs(th->dest), inet6_iif(skb));
 997
 998        if (nsk) {
 999                if (nsk->sk_state != TCP_TIME_WAIT) {
1000                        bh_lock_sock(nsk);
1001                        return nsk;
1002                }
1003                inet_twsk_put(inet_twsk(nsk));
1004                return NULL;
1005        }
1006
1007#ifdef CONFIG_SYN_COOKIES
1008        if (!th->syn)
1009                sk = cookie_v6_check(sk, skb);
1010#endif
1011        return sk;
1012}
1013
1014/* FIXME: this is substantially similar to the ipv4 code.
1015 * Can some kind of merge be done? -- erics
1016 */
/* Handle an incoming SYN on a listening IPv6 socket: allocate and queue a
 * request sock and send a SYN-ACK.  v4-mapped traffic is delegated to
 * tcp_v4_conn_request().  Always returns 0 (no RST is sent from here).
 */
static int tcp_v6_conn_request(struct sock *sk, struct sk_buff *skb)
{
        struct tcp_extend_values tmp_ext;
        struct tcp_options_received tmp_opt;
        const u8 *hash_location;
        struct request_sock *req;
        struct inet6_request_sock *treq;
        struct ipv6_pinfo *np = inet6_sk(sk);
        struct tcp_sock *tp = tcp_sk(sk);
        __u32 isn = TCP_SKB_CB(skb)->when;  /* nonzero when set by timewait recycling */
        struct dst_entry *dst = NULL;
        struct flowi6 fl6;
        bool want_cookie = false;

        if (skb->protocol == htons(ETH_P_IP))
                return tcp_v4_conn_request(sk, skb);

        if (!ipv6_unicast_destination(skb))
                goto drop;

        /* SYN queue full: either engage syncookies or drop. */
        if (inet_csk_reqsk_queue_is_full(sk) && !isn) {
                want_cookie = tcp_syn_flood_action(sk, skb, "TCPv6");
                if (!want_cookie)
                        goto drop;
        }

        if (sk_acceptq_is_full(sk) && inet_csk_reqsk_queue_young(sk) > 1)
                goto drop;

        req = inet6_reqsk_alloc(&tcp6_request_sock_ops);
        if (req == NULL)
                goto drop;

#ifdef CONFIG_TCP_MD5SIG
        tcp_rsk(req)->af_specific = &tcp_request_sock_ipv6_ops;
#endif

        tcp_clear_options(&tmp_opt);
        tmp_opt.mss_clamp = IPV6_MIN_MTU - sizeof(struct tcphdr) - sizeof(struct ipv6hdr);
        tmp_opt.user_mss = tp->rx_opt.user_mss;
        tcp_parse_options(skb, &tmp_opt, &hash_location, 0, NULL);

        /* TCP cookie-transaction (experimental TCPCT) handling: mix peer
         * addresses and the initiator cookie into the cookie bakery. */
        if (tmp_opt.cookie_plus > 0 &&
            tmp_opt.saw_tstamp &&
            !tp->rx_opt.cookie_out_never &&
            (sysctl_tcp_cookie_size > 0 ||
             (tp->cookie_values != NULL &&
              tp->cookie_values->cookie_desired > 0))) {
                u8 *c;
                u32 *d;
                u32 *mess = &tmp_ext.cookie_bakery[COOKIE_DIGEST_WORDS];
                int l = tmp_opt.cookie_plus - TCPOLEN_COOKIE_BASE;

                if (tcp_cookie_generator(&tmp_ext.cookie_bakery[0]) != 0)
                        goto drop_and_free;

                /* Secret recipe starts with IP addresses */
                d = (__force u32 *)&ipv6_hdr(skb)->daddr.s6_addr32[0];
                *mess++ ^= *d++;
                *mess++ ^= *d++;
                *mess++ ^= *d++;
                *mess++ ^= *d++;
                d = (__force u32 *)&ipv6_hdr(skb)->saddr.s6_addr32[0];
                *mess++ ^= *d++;
                *mess++ ^= *d++;
                *mess++ ^= *d++;
                *mess++ ^= *d++;

                /* plus variable length Initiator Cookie */
                c = (u8 *)mess;
                while (l-- > 0)
                        *c++ ^= *hash_location++;

                want_cookie = false;    /* not our kind of cookie */
                tmp_ext.cookie_out_never = 0; /* false */
                tmp_ext.cookie_plus = tmp_opt.cookie_plus;
        } else if (!tp->rx_opt.cookie_in_always) {
                /* redundant indications, but ensure initialization. */
                tmp_ext.cookie_out_never = 1; /* true */
                tmp_ext.cookie_plus = 0;
        } else {
                goto drop_and_free;
        }
        tmp_ext.cookie_in_always = tp->rx_opt.cookie_in_always;

        /* Syncookies cannot encode options unless timestamps are on. */
        if (want_cookie && !tmp_opt.saw_tstamp)
                tcp_clear_options(&tmp_opt);

        tmp_opt.tstamp_ok = tmp_opt.saw_tstamp;
        tcp_openreq_init(req, &tmp_opt, skb);

        treq = inet6_rsk(req);
        treq->rmt_addr = ipv6_hdr(skb)->saddr;
        treq->loc_addr = ipv6_hdr(skb)->daddr;
        if (!want_cookie || tmp_opt.tstamp_ok)
                TCP_ECN_create_request(req, skb);

        treq->iif = sk->sk_bound_dev_if;

        /* So that link locals have meaning */
        if (!sk->sk_bound_dev_if &&
            ipv6_addr_type(&treq->rmt_addr) & IPV6_ADDR_LINKLOCAL)
                treq->iif = inet6_iif(skb);

        if (!isn) {
                /* Keep the SYN skb alive if the application asked for any
                 * ancillary data (IPV6_PKTOPTIONS-style). */
                if (ipv6_opt_accepted(sk, skb) ||
                    np->rxopt.bits.rxinfo || np->rxopt.bits.rxoinfo ||
                    np->rxopt.bits.rxhlim || np->rxopt.bits.rxohlim) {
                        atomic_inc(&skb->users);
                        treq->pktopts = skb;
                }

                if (want_cookie) {
                        isn = cookie_v6_init_sequence(sk, skb, &req->mss);
                        req->cookie_ts = tmp_opt.tstamp_ok;
                        goto have_isn;
                }

                /* VJ's idea. We save last timestamp seen
                 * from the destination in peer table, when entering
                 * state TIME-WAIT, and check against it before
                 * accepting new connection request.
                 *
                 * If "isn" is not zero, this request hit alive
                 * timewait bucket, so that all the necessary checks
                 * are made in the function processing timewait state.
                 */
                if (tmp_opt.saw_tstamp &&
                    tcp_death_row.sysctl_tw_recycle &&
                    (dst = inet6_csk_route_req(sk, &fl6, req)) != NULL) {
                        if (!tcp_peer_is_proven(req, dst, true)) {
                                NET_INC_STATS_BH(sock_net(sk), LINUX_MIB_PAWSPASSIVEREJECTED);
                                goto drop_and_release;
                        }
                }
                /* Kill the following clause, if you dislike this way. */
                else if (!sysctl_tcp_syncookies &&
                         (sysctl_max_syn_backlog - inet_csk_reqsk_queue_len(sk) <
                          (sysctl_max_syn_backlog >> 2)) &&
                         !tcp_peer_is_proven(req, dst, false)) {
                        /* Without syncookies last quarter of
                         * backlog is filled with destinations,
                         * proven to be alive.
                         * It means that we continue to communicate
                         * to destinations, already remembered
                         * to the moment of synflood.
                         */
                        LIMIT_NETDEBUG(KERN_DEBUG "TCP: drop open request from %pI6/%u\n",
                                       &treq->rmt_addr, ntohs(tcp_hdr(skb)->source));
                        goto drop_and_release;
                }

                isn = tcp_v6_init_sequence(skb);
        }
have_isn:
        tcp_rsk(req)->snt_isn = isn;
        tcp_rsk(req)->snt_synack = tcp_time_stamp;

        if (security_inet_conn_request(sk, skb, req))
                goto drop_and_release;

        /* For cookies the request is not queued: the SYN-ACK carries all
         * state, so free the req either way when want_cookie is set. */
        if (tcp_v6_send_synack(sk, dst, &fl6, req,
                               (struct request_values *)&tmp_ext,
                               skb_get_queue_mapping(skb)) ||
            want_cookie)
                goto drop_and_free;

        inet6_csk_reqsk_queue_hash_add(sk, req, TCP_TIMEOUT_INIT);
        return 0;

drop_and_release:
        dst_release(dst);
drop_and_free:
        reqsk_free(req);
drop:
        return 0; /* don't send reset */
}
1194
/* Create the child socket once the 3-way handshake completes.  Handles the
 * v4-mapped case by delegating socket creation to tcp_v4_syn_recv_sock()
 * and then fixing up the IPv6 side.  Returns the new socket, or NULL on
 * failure (overflow, routing failure, or allocation failure).
 */
static struct sock * tcp_v6_syn_recv_sock(struct sock *sk, struct sk_buff *skb,
                                          struct request_sock *req,
                                          struct dst_entry *dst)
{
        struct inet6_request_sock *treq;
        struct ipv6_pinfo *newnp, *np = inet6_sk(sk);
        struct tcp6_sock *newtcp6sk;
        struct inet_sock *newinet;
        struct tcp_sock *newtp;
        struct sock *newsk;
#ifdef CONFIG_TCP_MD5SIG
        struct tcp_md5sig_key *key;
#endif
        struct flowi6 fl6;

        if (skb->protocol == htons(ETH_P_IP)) {
                /*
                 *      v6 mapped
                 */

                newsk = tcp_v4_syn_recv_sock(sk, skb, req, dst);

                if (newsk == NULL)
                        return NULL;

                newtcp6sk = (struct tcp6_sock *)newsk;
                inet_sk(newsk)->pinet6 = &newtcp6sk->inet6;

                newinet = inet_sk(newsk);
                newnp = inet6_sk(newsk);
                newtp = tcp_sk(newsk);

                memcpy(newnp, np, sizeof(struct ipv6_pinfo));

                /* Present the IPv4 peer as ::ffff:a.b.c.d addresses. */
                ipv6_addr_set_v4mapped(newinet->inet_daddr, &newnp->daddr);

                ipv6_addr_set_v4mapped(newinet->inet_saddr, &newnp->saddr);

                newnp->rcv_saddr = newnp->saddr;

                /* Switch the child onto the v4-over-v6 ops vectors. */
                inet_csk(newsk)->icsk_af_ops = &ipv6_mapped;
                newsk->sk_backlog_rcv = tcp_v4_do_rcv;
#ifdef CONFIG_TCP_MD5SIG
                newtp->af_specific = &tcp_sock_ipv6_mapped_specific;
#endif

                /* Pointers copied by the memcpy above belong to the
                 * listener; clear them so the child starts clean. */
                newnp->ipv6_ac_list = NULL;
                newnp->ipv6_fl_list = NULL;
                newnp->pktoptions  = NULL;
                newnp->opt         = NULL;
                newnp->mcast_oif   = inet6_iif(skb);
                newnp->mcast_hops  = ipv6_hdr(skb)->hop_limit;
                newnp->rcv_tclass  = ipv6_tclass(ipv6_hdr(skb));

                /*
                 * No need to charge this sock to the relevant IPv6 refcnt debug socks count
                 * here, tcp_create_openreq_child now does this for us, see the comment in
                 * that function for the gory details. -acme
                 */

                /* It is tricky place. Until this moment IPv4 tcp
                   worked with IPv6 icsk.icsk_af_ops.
                   Sync it now.
                 */
                tcp_sync_mss(newsk, inet_csk(newsk)->icsk_pmtu_cookie);

                return newsk;
        }

        treq = inet6_rsk(req);

        if (sk_acceptq_is_full(sk))
                goto out_overflow;

        if (!dst) {
                dst = inet6_csk_route_req(sk, &fl6, req);
                if (!dst)
                        goto out;
        }

        newsk = tcp_create_openreq_child(sk, req, skb);
        if (newsk == NULL)
                goto out_nonewsk;

        /*
         * No need to charge this sock to the relevant IPv6 refcnt debug socks
         * count here, tcp_create_openreq_child now does this for us, see the
         * comment in that function for the gory details. -acme
         */

        newsk->sk_gso_type = SKB_GSO_TCPV6;
        __ip6_dst_store(newsk, dst, NULL, NULL);
        inet6_sk_rx_dst_set(newsk, skb);

        newtcp6sk = (struct tcp6_sock *)newsk;
        inet_sk(newsk)->pinet6 = &newtcp6sk->inet6;

        newtp = tcp_sk(newsk);
        newinet = inet_sk(newsk);
        newnp = inet6_sk(newsk);

        memcpy(newnp, np, sizeof(struct ipv6_pinfo));

        newnp->daddr = treq->rmt_addr;
        newnp->saddr = treq->loc_addr;
        newnp->rcv_saddr = treq->loc_addr;
        newsk->sk_bound_dev_if = treq->iif;

        /* Now IPv6 options...

           First: no IPv4 options.
         */
        newinet->inet_opt = NULL;
        newnp->ipv6_ac_list = NULL;
        newnp->ipv6_fl_list = NULL;

        /* Clone RX bits */
        newnp->rxopt.all = np->rxopt.all;

        /* Clone pktoptions received with SYN */
        newnp->pktoptions = NULL;
        if (treq->pktopts != NULL) {
                newnp->pktoptions = skb_clone(treq->pktopts,
                                              sk_gfp_atomic(sk, GFP_ATOMIC));
                consume_skb(treq->pktopts);
                treq->pktopts = NULL;
                if (newnp->pktoptions)
                        skb_set_owner_r(newnp->pktoptions, newsk);
        }
        newnp->opt        = NULL;
        newnp->mcast_oif  = inet6_iif(skb);
        newnp->mcast_hops = ipv6_hdr(skb)->hop_limit;
        newnp->rcv_tclass = ipv6_tclass(ipv6_hdr(skb));

        /* Clone native IPv6 options from listening socket (if any)

           Yes, keeping reference count would be much more clever,
           but we make one more one thing there: reattach optmem
           to newsk.
         */
        if (np->opt)
                newnp->opt = ipv6_dup_options(newsk, np->opt);

        inet_csk(newsk)->icsk_ext_hdr_len = 0;
        if (newnp->opt)
                inet_csk(newsk)->icsk_ext_hdr_len = (newnp->opt->opt_nflen +
                                                     newnp->opt->opt_flen);

        tcp_mtup_init(newsk);
        tcp_sync_mss(newsk, dst_mtu(dst));
        newtp->advmss = dst_metric_advmss(dst);
        if (tcp_sk(sk)->rx_opt.user_mss &&
            tcp_sk(sk)->rx_opt.user_mss < newtp->advmss)
                newtp->advmss = tcp_sk(sk)->rx_opt.user_mss;

        tcp_initialize_rcv_mss(newsk);
        /* Seed RTT from the SYN/SYN-ACK exchange when we have a timestamp. */
        if (tcp_rsk(req)->snt_synack)
                tcp_valid_rtt_meas(newsk,
                    tcp_time_stamp - tcp_rsk(req)->snt_synack);
        newtp->total_retrans = req->retrans;

        /* Dummy IPv4 addresses for a pure-IPv6 socket. */
        newinet->inet_daddr = newinet->inet_saddr = LOOPBACK4_IPV6;
        newinet->inet_rcv_saddr = LOOPBACK4_IPV6;

#ifdef CONFIG_TCP_MD5SIG
        /* Copy over the MD5 key from the original socket */
        if ((key = tcp_v6_md5_do_lookup(sk, &newnp->daddr)) != NULL) {
                /* We're using one, so create a matching key
                 * on the newsk structure. If we fail to get
                 * memory, then we end up not copying the key
                 * across. Shucks.
                 */
                tcp_md5_do_add(newsk, (union tcp_md5_addr *)&newnp->daddr,
                               AF_INET6, key->key, key->keylen,
                               sk_gfp_atomic(sk, GFP_ATOMIC));
        }
#endif

        if (__inet_inherit_port(sk, newsk) < 0) {
                sock_put(newsk);
                goto out;
        }
        __inet6_hash(newsk, NULL);

        return newsk;

out_overflow:
        NET_INC_STATS_BH(sock_net(sk), LINUX_MIB_LISTENOVERFLOWS);
out_nonewsk:
        dst_release(dst);
out:
        NET_INC_STATS_BH(sock_net(sk), LINUX_MIB_LISTENDROPS);
        return NULL;
}
1389
/* Validate or prepare the TCP checksum on receive.  Returns 0 when the
 * checksum is OK or will be completed later during copy; nonzero means
 * the packet is corrupt and must be dropped.
 */
static __sum16 tcp_v6_checksum_init(struct sk_buff *skb)
{
        /* Hardware gave us the full checksum: fold in the pseudo-header
         * and accept immediately if it verifies. */
        if (skb->ip_summed == CHECKSUM_COMPLETE) {
                if (!tcp_v6_check(skb->len, &ipv6_hdr(skb)->saddr,
                                  &ipv6_hdr(skb)->daddr, skb->csum)) {
                        skb->ip_summed = CHECKSUM_UNNECESSARY;
                        return 0;
                }
        }

        /* Pre-seed skb->csum with the pseudo-header sum so later code can
         * finish the check incrementally while copying. */
        skb->csum = ~csum_unfold(tcp_v6_check(skb->len,
                                              &ipv6_hdr(skb)->saddr,
                                              &ipv6_hdr(skb)->daddr, 0));

        /* Small packets are checksummed right here; presumably 76 is the
         * historical copybreak threshold -- TODO confirm against ipv4 twin. */
        if (skb->len <= 76) {
                return __skb_checksum_complete(skb);
        }
        return 0;
}
1409
1410/* The socket must have it's spinlock held when we get
1411 * here.
1412 *
1413 * We have a potential double-lock case here, so even when
1414 * doing backlog processing we use the BH locking scheme.
1415 * This is because we cannot sleep with the original spinlock
1416 * held.
1417 */
1418static int tcp_v6_do_rcv(struct sock *sk, struct sk_buff *skb)
1419{
1420        struct ipv6_pinfo *np = inet6_sk(sk);
1421        struct tcp_sock *tp;
1422        struct sk_buff *opt_skb = NULL;
1423
1424        /* Imagine: socket is IPv6. IPv4 packet arrives,
1425           goes to IPv4 receive handler and backlogged.
1426           From backlog it always goes here. Kerboom...
1427           Fortunately, tcp_rcv_established and rcv_established
1428           handle them correctly, but it is not case with
1429           tcp_v6_hnd_req and tcp_v6_send_reset().   --ANK
1430         */
1431
1432        if (skb->protocol == htons(ETH_P_IP))
1433                return tcp_v4_do_rcv(sk, skb);
1434
1435#ifdef CONFIG_TCP_MD5SIG
1436        if (tcp_v6_inbound_md5_hash (sk, skb))
1437                goto discard;
1438#endif
1439
1440        if (sk_filter(sk, skb))
1441                goto discard;
1442
1443        /*
1444         *      socket locking is here for SMP purposes as backlog rcv
1445         *      is currently called with bh processing disabled.
1446         */
1447
1448        /* Do Stevens' IPV6_PKTOPTIONS.
1449
1450           Yes, guys, it is the only place in our code, where we
1451           may make it not affecting IPv4.
1452           The rest of code is protocol independent,
1453           and I do not like idea to uglify IPv4.
1454
1455           Actually, all the idea behind IPV6_PKTOPTIONS
1456           looks not very well thought. For now we latch
1457           options, received in the last packet, enqueued
1458           by tcp. Feel free to propose better solution.
1459                                               --ANK (980728)
1460         */
1461        if (np->rxopt.all)
1462                opt_skb = skb_clone(skb, sk_gfp_atomic(sk, GFP_ATOMIC));
1463
1464        if (sk->sk_state == TCP_ESTABLISHED) { /* Fast path */
1465                struct dst_entry *dst = sk->sk_rx_dst;
1466
1467                sock_rps_save_rxhash(sk, skb);
1468                if (dst) {
1469                        if (inet_sk(sk)->rx_dst_ifindex != skb->skb_iif ||
1470                            dst->ops->check(dst, np->rx_dst_cookie) == NULL) {
1471                                dst_release(dst);
1472                                sk->sk_rx_dst = NULL;
1473                        }
1474                }
1475
1476                if (tcp_rcv_established(sk, skb, tcp_hdr(skb), skb->len))
1477                        goto reset;
1478                if (opt_skb)
1479                        goto ipv6_pktoptions;
1480                return 0;
1481        }
1482
1483        if (skb->len < tcp_hdrlen(skb) || tcp_checksum_complete(skb))
1484                goto csum_err;
1485
1486        if (sk->sk_state == TCP_LISTEN) {
1487                struct sock *nsk = tcp_v6_hnd_req(sk, skb);
1488                if (!nsk)
1489                        goto discard;
1490
1491                /*
1492                 * Queue it on the new socket if the new socket is active,
1493                 * otherwise we just shortcircuit this and continue with
1494                 * the new socket..
1495                 */
1496                if(nsk != sk) {
1497                        sock_rps_save_rxhash(nsk, skb);
1498                        if (tcp_child_process(sk, nsk, skb))
1499                                goto reset;
1500                        if (opt_skb)
1501                                __kfree_skb(opt_skb);
1502                        return 0;
1503                }
1504        } else
1505                sock_rps_save_rxhash(sk, skb);
1506
1507        if (tcp_rcv_state_process(sk, skb, tcp_hdr(skb), skb->len))
1508                goto reset;
1509        if (opt_skb)
1510                goto ipv6_pktoptions;
1511        return 0;
1512
1513reset:
1514        tcp_v6_send_reset(sk, skb);
1515discard:
1516        if (opt_skb)
1517                __kfree_skb(opt_skb);
1518        kfree_skb(skb);
1519        return 0;
1520csum_err:
1521        TCP_INC_STATS_BH(sock_net(sk), TCP_MIB_INERRS);
1522        goto discard;
1523
1524
1525ipv6_pktoptions:
1526        /* Do you ask, what is it?
1527
1528           1. skb was enqueued by tcp.
1529           2. skb is added to tail of read queue, rather than out of order.
1530           3. socket is not in passive state.
1531           4. Finally, it really contains options, which user wants to receive.
1532         */
1533        tp = tcp_sk(sk);
1534        if (TCP_SKB_CB(opt_skb)->end_seq == tp->rcv_nxt &&
1535            !((1 << sk->sk_state) & (TCPF_CLOSE | TCPF_LISTEN))) {
1536                if (np->rxopt.bits.rxinfo || np->rxopt.bits.rxoinfo)
1537                        np->mcast_oif = inet6_iif(opt_skb);
1538                if (np->rxopt.bits.rxhlim || np->rxopt.bits.rxohlim)
1539                        np->mcast_hops = ipv6_hdr(opt_skb)->hop_limit;
1540                if (np->rxopt.bits.rxtclass)
1541                        np->rcv_tclass = ipv6_tclass(ipv6_hdr(skb));
1542                if (ipv6_opt_accepted(sk, opt_skb)) {
1543                        skb_set_owner_r(opt_skb, sk);
1544                        opt_skb = xchg(&np->pktoptions, opt_skb);
1545                } else {
1546                        __kfree_skb(opt_skb);
1547                        opt_skb = xchg(&np->pktoptions, NULL);
1548                }
1549        }
1550
1551        kfree_skb(opt_skb);
1552        return 0;
1553}
1554
/* Protocol entry point for incoming IPv6 TCP segments (registered in the
 * inet6 protocol table).  Performs header/checksum validation, socket
 * lookup, and hands the segment to tcp_v6_do_rcv() directly, via the
 * prequeue, or via the socket backlog depending on lock ownership.
 */
static int tcp_v6_rcv(struct sk_buff *skb)
{
        const struct tcphdr *th;
        const struct ipv6hdr *hdr;
        struct sock *sk;
        int ret;
        struct net *net = dev_net(skb->dev);

        if (skb->pkt_type != PACKET_HOST)
                goto discard_it;

        /*
         *      Count it even if it's bad.
         */
        TCP_INC_STATS_BH(net, TCP_MIB_INSEGS);

        if (!pskb_may_pull(skb, sizeof(struct tcphdr)))
                goto discard_it;

        th = tcp_hdr(skb);

        if (th->doff < sizeof(struct tcphdr)/4)
                goto bad_packet;
        if (!pskb_may_pull(skb, th->doff*4))
                goto discard_it;

        if (!skb_csum_unnecessary(skb) && tcp_v6_checksum_init(skb))
                goto bad_packet;

        /* Re-read headers: pskb_may_pull() may have moved skb data. */
        th = tcp_hdr(skb);
        hdr = ipv6_hdr(skb);
        TCP_SKB_CB(skb)->seq = ntohl(th->seq);
        TCP_SKB_CB(skb)->end_seq = (TCP_SKB_CB(skb)->seq + th->syn + th->fin +
                                    skb->len - th->doff*4);
        TCP_SKB_CB(skb)->ack_seq = ntohl(th->ack_seq);
        TCP_SKB_CB(skb)->when = 0;
        TCP_SKB_CB(skb)->ip_dsfield = ipv6_get_dsfield(hdr);
        TCP_SKB_CB(skb)->sacked = 0;

        sk = __inet6_lookup_skb(&tcp_hashinfo, skb, th->source, th->dest);
        if (!sk)
                goto no_tcp_socket;

process:
        if (sk->sk_state == TCP_TIME_WAIT)
                goto do_time_wait;

        /* Generalized TTL security mechanism (minimum hop count). */
        if (hdr->hop_limit < inet6_sk(sk)->min_hopcount) {
                NET_INC_STATS_BH(net, LINUX_MIB_TCPMINTTLDROP);
                goto discard_and_relse;
        }

        if (!xfrm6_policy_check(sk, XFRM_POLICY_IN, skb))
                goto discard_and_relse;

        if (sk_filter(sk, skb))
                goto discard_and_relse;

        skb->dev = NULL;

        bh_lock_sock_nested(sk);
        ret = 0;
        if (!sock_owned_by_user(sk)) {
#ifdef CONFIG_NET_DMA
                struct tcp_sock *tp = tcp_sk(sk);
                if (!tp->ucopy.dma_chan && tp->ucopy.pinned_list)
                        tp->ucopy.dma_chan = net_dma_find_channel();
                if (tp->ucopy.dma_chan)
                        ret = tcp_v6_do_rcv(sk, skb);
                else
#endif
                {
                        if (!tcp_prequeue(sk, skb))
                                ret = tcp_v6_do_rcv(sk, skb);
                }
        } else if (unlikely(sk_add_backlog(sk, skb,
                                           sk->sk_rcvbuf + sk->sk_sndbuf))) {
                /* Socket owned by user and backlog full: drop. */
                bh_unlock_sock(sk);
                NET_INC_STATS_BH(net, LINUX_MIB_TCPBACKLOGDROP);
                goto discard_and_relse;
        }
        bh_unlock_sock(sk);

        sock_put(sk);
        return ret ? -1 : 0;

no_tcp_socket:
        if (!xfrm6_policy_check(NULL, XFRM_POLICY_IN, skb))
                goto discard_it;

        if (skb->len < (th->doff<<2) || tcp_checksum_complete(skb)) {
bad_packet:
                TCP_INC_STATS_BH(net, TCP_MIB_INERRS);
        } else {
                tcp_v6_send_reset(NULL, skb);
        }

discard_it:

        /*
         *      Discard frame
         */

        kfree_skb(skb);
        return 0;

discard_and_relse:
        sock_put(sk);
        goto discard_it;

do_time_wait:
        if (!xfrm6_policy_check(NULL, XFRM_POLICY_IN, skb)) {
                inet_twsk_put(inet_twsk(sk));
                goto discard_it;
        }

        if (skb->len < (th->doff<<2) || tcp_checksum_complete(skb)) {
                TCP_INC_STATS_BH(net, TCP_MIB_INERRS);
                inet_twsk_put(inet_twsk(sk));
                goto discard_it;
        }

        switch (tcp_timewait_state_process(inet_twsk(sk), skb, th)) {
        case TCP_TW_SYN:
        {
                /* New SYN on a TIME-WAIT tuple: if a listener exists,
                 * kill the timewait sock and restart processing on it. */
                struct sock *sk2;

                sk2 = inet6_lookup_listener(dev_net(skb->dev), &tcp_hashinfo,
                                            &ipv6_hdr(skb)->daddr,
                                            ntohs(th->dest), inet6_iif(skb));
                if (sk2 != NULL) {
                        struct inet_timewait_sock *tw = inet_twsk(sk);
                        inet_twsk_deschedule(tw, &tcp_death_row);
                        inet_twsk_put(tw);
                        sk = sk2;
                        goto process;
                }
                /* Fall through to ACK */
        }
        case TCP_TW_ACK:
                tcp_v6_timewait_ack(sk, skb);
                break;
        case TCP_TW_RST:
                goto no_tcp_socket;
        case TCP_TW_SUCCESS:;
        }
        goto discard_it;
}
1703
1704static void tcp_v6_early_demux(struct sk_buff *skb)
1705{
1706        const struct ipv6hdr *hdr;
1707        const struct tcphdr *th;
1708        struct sock *sk;
1709
1710        if (skb->pkt_type != PACKET_HOST)
1711                return;
1712
1713        if (!pskb_may_pull(skb, skb_transport_offset(skb) + sizeof(struct tcphdr)))
1714                return;
1715
1716        hdr = ipv6_hdr(skb);
1717        th = tcp_hdr(skb);
1718
1719        if (th->doff < sizeof(struct tcphdr) / 4)
1720                return;
1721
1722        sk = __inet6_lookup_established(dev_net(skb->dev), &tcp_hashinfo,
1723                                        &hdr->saddr, th->source,
1724                                        &hdr->daddr, ntohs(th->dest),
1725                                        inet6_iif(skb));
1726        if (sk) {
1727                skb->sk = sk;
1728                skb->destructor = sock_edemux;
1729                if (sk->sk_state != TCP_TIME_WAIT) {
1730                        struct dst_entry *dst = sk->sk_rx_dst;
1731                        struct inet_sock *icsk = inet_sk(sk);
1732                        if (dst)
1733                                dst = dst_check(dst, inet6_sk(sk)->rx_dst_cookie);
1734                        if (dst &&
1735                            icsk->rx_dst_ifindex == skb->skb_iif)
1736                                skb_dst_set_noref(skb, dst);
1737                }
1738        }
1739}
1740
/* TIME_WAIT socket operations for TCPv6: reuses the generic TCP twsk
 * helpers but sizes the object for the IPv6 timewait sock.
 */
static struct timewait_sock_ops tcp6_timewait_sock_ops = {
	.twsk_obj_size	= sizeof(struct tcp6_timewait_sock),
	.twsk_unique	= tcp_twsk_unique,
	.twsk_destructor= tcp_twsk_destructor,
};
1746
/* AF-specific connection-socket operations for native IPv6 TCP sockets
 * (IPv4-mapped sockets use the ipv6_mapped table defined further down).
 */
static const struct inet_connection_sock_af_ops ipv6_specific = {
	.queue_xmit	   = inet6_csk_xmit,
	.send_check	   = tcp_v6_send_check,
	.rebuild_header    = inet6_sk_rebuild_header,
	.sk_rx_dst_set     = inet6_sk_rx_dst_set,
	.conn_request	   = tcp_v6_conn_request,
	.syn_recv_sock     = tcp_v6_syn_recv_sock,
	.net_header_len    = sizeof(struct ipv6hdr),
	.net_frag_header_len = sizeof(struct frag_hdr),
	.setsockopt	   = ipv6_setsockopt,
	.getsockopt	   = ipv6_getsockopt,
	.addr2sockaddr     = inet6_csk_addr2sockaddr,
	.sockaddr_len	   = sizeof(struct sockaddr_in6),
	.bind_conflict     = inet6_csk_bind_conflict,
#ifdef CONFIG_COMPAT
	.compat_setsockopt = compat_ipv6_setsockopt,
	.compat_getsockopt = compat_ipv6_getsockopt,
#endif
};
1766
#ifdef CONFIG_TCP_MD5SIG
/* TCP-MD5 (RFC 2385) key lookup/hashing hooks for native IPv6 sockets. */
static const struct tcp_sock_af_ops tcp_sock_ipv6_specific = {
	.md5_lookup	=	tcp_v6_md5_lookup,
	.calc_md5_hash	=	tcp_v6_md5_hash_skb,
	.md5_parse	=	tcp_v6_parse_md5_keys,
};
#endif
1774
/*
 *	TCP over IPv4 via INET6 API
 *
 *	AF ops used when an AF_INET6 TCP socket ends up talking to an
 *	IPv4-mapped peer: transmit/checksum/header handling is IPv4,
 *	while sockopt and sockaddr handling stays IPv6.
 */

static const struct inet_connection_sock_af_ops ipv6_mapped = {
	.queue_xmit	   = ip_queue_xmit,
	.send_check	   = tcp_v4_send_check,
	.rebuild_header    = inet_sk_rebuild_header,
	.sk_rx_dst_set     = inet_sk_rx_dst_set,
	.conn_request	   = tcp_v6_conn_request,
	.syn_recv_sock     = tcp_v6_syn_recv_sock,
	.net_header_len    = sizeof(struct iphdr),
	.setsockopt	   = ipv6_setsockopt,
	.getsockopt	   = ipv6_getsockopt,
	.addr2sockaddr     = inet6_csk_addr2sockaddr,
	.sockaddr_len	   = sizeof(struct sockaddr_in6),
	.bind_conflict     = inet6_csk_bind_conflict,
#ifdef CONFIG_COMPAT
	.compat_setsockopt = compat_ipv6_setsockopt,
	.compat_getsockopt = compat_ipv6_getsockopt,
#endif
};
1797
#ifdef CONFIG_TCP_MD5SIG
/* TCP-MD5 hooks for IPv4-mapped sockets: hash over the IPv4 addresses,
 * but parse keys via the IPv6 sockopt entry point.
 */
static const struct tcp_sock_af_ops tcp_sock_ipv6_mapped_specific = {
	.md5_lookup	=	tcp_v4_md5_lookup,
	.calc_md5_hash	=	tcp_v4_md5_hash_skb,
	.md5_parse	=	tcp_v6_parse_md5_keys,
};
#endif
1805
1806/* NOTE: A lot of things set to zero explicitly by call to
1807 *       sk_alloc() so need not be done here.
1808 */
1809static int tcp_v6_init_sock(struct sock *sk)
1810{
1811        struct inet_connection_sock *icsk = inet_csk(sk);
1812
1813        tcp_init_sock(sk);
1814
1815        icsk->icsk_af_ops = &ipv6_specific;
1816
1817#ifdef CONFIG_TCP_MD5SIG
1818        tcp_sk(sk)->af_specific = &tcp_sock_ipv6_specific;
1819#endif
1820
1821        return 0;
1822}
1823
/* Socket destructor: run the generic (v4) TCP teardown first, then free
 * the IPv6-specific state (options, pktinfo, ...).  Order matters.
 */
static void tcp_v6_destroy_sock(struct sock *sk)
{
	tcp_v4_destroy_sock(sk);
	inet6_destroy_sock(sk);
}
1829
1830#ifdef CONFIG_PROC_FS
1831/* Proc filesystem TCPv6 sock list dumping. */
1832static void get_openreq6(struct seq_file *seq,
1833                         const struct sock *sk, struct request_sock *req, int i, int uid)
1834{
1835        int ttd = req->expires - jiffies;
1836        const struct in6_addr *src = &inet6_rsk(req)->loc_addr;
1837        const struct in6_addr *dest = &inet6_rsk(req)->rmt_addr;
1838
1839        if (ttd < 0)
1840                ttd = 0;
1841
1842        seq_printf(seq,
1843                   "%4d: %08X%08X%08X%08X:%04X %08X%08X%08X%08X:%04X "
1844                   "%02X %08X:%08X %02X:%08lX %08X %5d %8d %d %d %pK\n",
1845                   i,
1846                   src->s6_addr32[0], src->s6_addr32[1],
1847                   src->s6_addr32[2], src->s6_addr32[3],
1848                   ntohs(inet_rsk(req)->loc_port),
1849                   dest->s6_addr32[0], dest->s6_addr32[1],
1850                   dest->s6_addr32[2], dest->s6_addr32[3],
1851                   ntohs(inet_rsk(req)->rmt_port),
1852                   TCP_SYN_RECV,
1853                   0,0, /* could print option size, but that is af dependent. */
1854                   1,   /* timers active (only the expire timer) */
1855                   jiffies_to_clock_t(ttd),
1856                   req->retrans,
1857                   uid,
1858                   0,  /* non standard timer */
1859                   0, /* open_requests have no inode */
1860                   0, req);
1861}
1862
1863static void get_tcp6_sock(struct seq_file *seq, struct sock *sp, int i)
1864{
1865        const struct in6_addr *dest, *src;
1866        __u16 destp, srcp;
1867        int timer_active;
1868        unsigned long timer_expires;
1869        const struct inet_sock *inet = inet_sk(sp);
1870        const struct tcp_sock *tp = tcp_sk(sp);
1871        const struct inet_connection_sock *icsk = inet_csk(sp);
1872        const struct ipv6_pinfo *np = inet6_sk(sp);
1873
1874        dest  = &np->daddr;
1875        src   = &np->rcv_saddr;
1876        destp = ntohs(inet->inet_dport);
1877        srcp  = ntohs(inet->inet_sport);
1878
1879        if (icsk->icsk_pending == ICSK_TIME_RETRANS) {
1880                timer_active    = 1;
1881                timer_expires   = icsk->icsk_timeout;
1882        } else if (icsk->icsk_pending == ICSK_TIME_PROBE0) {
1883                timer_active    = 4;
1884                timer_expires   = icsk->icsk_timeout;
1885        } else if (timer_pending(&sp->sk_timer)) {
1886                timer_active    = 2;
1887                timer_expires   = sp->sk_timer.expires;
1888        } else {
1889                timer_active    = 0;
1890                timer_expires = jiffies;
1891        }
1892
1893        seq_printf(seq,
1894                   "%4d: %08X%08X%08X%08X:%04X %08X%08X%08X%08X:%04X "
1895                   "%02X %08X:%08X %02X:%08lX %08X %5d %8d %lu %d %pK %lu %lu %u %u %d\n",
1896                   i,
1897                   src->s6_addr32[0], src->s6_addr32[1],
1898                   src->s6_addr32[2], src->s6_addr32[3], srcp,
1899                   dest->s6_addr32[0], dest->s6_addr32[1],
1900                   dest->s6_addr32[2], dest->s6_addr32[3], destp,
1901                   sp->sk_state,
1902                   tp->write_seq-tp->snd_una,
1903                   (sp->sk_state == TCP_LISTEN) ? sp->sk_ack_backlog : (tp->rcv_nxt - tp->copied_seq),
1904                   timer_active,
1905                   jiffies_to_clock_t(timer_expires - jiffies),
1906                   icsk->icsk_retransmits,
1907                   sock_i_uid(sp),
1908                   icsk->icsk_probes_out,
1909                   sock_i_ino(sp),
1910                   atomic_read(&sp->sk_refcnt), sp,
1911                   jiffies_to_clock_t(icsk->icsk_rto),
1912                   jiffies_to_clock_t(icsk->icsk_ack.ato),
1913                   (icsk->icsk_ack.quick << 1 ) | icsk->icsk_ack.pingpong,
1914                   tp->snd_cwnd,
1915                   tcp_in_initial_slowstart(tp) ? -1 : tp->snd_ssthresh
1916                   );
1917}
1918
1919static void get_timewait6_sock(struct seq_file *seq,
1920                               struct inet_timewait_sock *tw, int i)
1921{
1922        const struct in6_addr *dest, *src;
1923        __u16 destp, srcp;
1924        const struct inet6_timewait_sock *tw6 = inet6_twsk((struct sock *)tw);
1925        int ttd = tw->tw_ttd - jiffies;
1926
1927        if (ttd < 0)
1928                ttd = 0;
1929
1930        dest = &tw6->tw_v6_daddr;
1931        src  = &tw6->tw_v6_rcv_saddr;
1932        destp = ntohs(tw->tw_dport);
1933        srcp  = ntohs(tw->tw_sport);
1934
1935        seq_printf(seq,
1936                   "%4d: %08X%08X%08X%08X:%04X %08X%08X%08X%08X:%04X "
1937                   "%02X %08X:%08X %02X:%08lX %08X %5d %8d %d %d %pK\n",
1938                   i,
1939                   src->s6_addr32[0], src->s6_addr32[1],
1940                   src->s6_addr32[2], src->s6_addr32[3], srcp,
1941                   dest->s6_addr32[0], dest->s6_addr32[1],
1942                   dest->s6_addr32[2], dest->s6_addr32[3], destp,
1943                   tw->tw_substate, 0, 0,
1944                   3, jiffies_to_clock_t(ttd), 0, 0, 0, 0,
1945                   atomic_read(&tw->tw_refcnt), tw);
1946}
1947
1948static int tcp6_seq_show(struct seq_file *seq, void *v)
1949{
1950        struct tcp_iter_state *st;
1951
1952        if (v == SEQ_START_TOKEN) {
1953                seq_puts(seq,
1954                         "  sl  "
1955                         "local_address                         "
1956                         "remote_address                        "
1957                         "st tx_queue rx_queue tr tm->when retrnsmt"
1958                         "   uid  timeout inode\n");
1959                goto out;
1960        }
1961        st = seq->private;
1962
1963        switch (st->state) {
1964        case TCP_SEQ_STATE_LISTENING:
1965        case TCP_SEQ_STATE_ESTABLISHED:
1966                get_tcp6_sock(seq, v, st->num);
1967                break;
1968        case TCP_SEQ_STATE_OPENREQ:
1969                get_openreq6(seq, st->syn_wait_sk, v, st->num, st->uid);
1970                break;
1971        case TCP_SEQ_STATE_TIME_WAIT:
1972                get_timewait6_sock(seq, v, st->num);
1973                break;
1974        }
1975out:
1976        return 0;
1977}
1978
/* file_operations for /proc/net/tcp6, backed by the shared TCP seq code. */
static const struct file_operations tcp6_afinfo_seq_fops = {
	.owner   = THIS_MODULE,
	.open    = tcp_seq_open,
	.read    = seq_read,
	.llseek  = seq_lseek,
	.release = seq_release_net
};
1986
/* AF_INET6 descriptor for the generic TCP proc machinery; only .show
 * is AF-specific here, the iteration callbacks come from net/ipv4/tcp_ipv4.c.
 */
static struct tcp_seq_afinfo tcp6_seq_afinfo = {
	.name		= "tcp6",
	.family		= AF_INET6,
	.seq_fops	= &tcp6_afinfo_seq_fops,
	.seq_ops	= {
		.show		= tcp6_seq_show,
	},
};
1995
/* Register /proc/net/tcp6 for this network namespace. */
int __net_init tcp6_proc_init(struct net *net)
{
	return tcp_proc_register(net, &tcp6_seq_afinfo);
}
2000
/* Remove /proc/net/tcp6 for this network namespace. */
void tcp6_proc_exit(struct net *net)
{
	tcp_proc_unregister(net, &tcp6_seq_afinfo);
}
2005#endif
2006
/* The TCPv6 protocol descriptor: mostly the shared TCP implementation,
 * with v6-specific connect/init/destroy/backlog hooks and v6-sized
 * socket, request-sock and timewait-sock objects.  The sysctl/memory
 * accounting knobs are shared with IPv4 TCP.
 */
struct proto tcpv6_prot = {
	.name			= "TCPv6",
	.owner			= THIS_MODULE,
	.close			= tcp_close,
	.connect		= tcp_v6_connect,
	.disconnect		= tcp_disconnect,
	.accept			= inet_csk_accept,
	.ioctl			= tcp_ioctl,
	.init			= tcp_v6_init_sock,
	.destroy		= tcp_v6_destroy_sock,
	.shutdown		= tcp_shutdown,
	.setsockopt		= tcp_setsockopt,
	.getsockopt		= tcp_getsockopt,
	.recvmsg		= tcp_recvmsg,
	.sendmsg		= tcp_sendmsg,
	.sendpage		= tcp_sendpage,
	.backlog_rcv		= tcp_v6_do_rcv,
	.release_cb		= tcp_release_cb,
	.mtu_reduced		= tcp_v6_mtu_reduced,
	.hash			= tcp_v6_hash,
	.unhash			= inet_unhash,
	.get_port		= inet_csk_get_port,
	.enter_memory_pressure	= tcp_enter_memory_pressure,
	/* Memory accounting state shared with IPv4 TCP. */
	.sockets_allocated	= &tcp_sockets_allocated,
	.memory_allocated	= &tcp_memory_allocated,
	.memory_pressure	= &tcp_memory_pressure,
	.orphan_count		= &tcp_orphan_count,
	.sysctl_wmem		= sysctl_tcp_wmem,
	.sysctl_rmem		= sysctl_tcp_rmem,
	.max_header		= MAX_TCP_HEADER,
	.obj_size		= sizeof(struct tcp6_sock),
	.slab_flags		= SLAB_DESTROY_BY_RCU,
	.twsk_prot		= &tcp6_timewait_sock_ops,
	.rsk_prot		= &tcp6_request_sock_ops,
	.h.hashinfo		= &tcp_hashinfo,
	.no_autobind		= true,
#ifdef CONFIG_COMPAT
	.compat_setsockopt	= compat_tcp_setsockopt,
	.compat_getsockopt	= compat_tcp_getsockopt,
#endif
#ifdef CONFIG_MEMCG_KMEM
	.proto_cgroup		= tcp_proto_cgroup,
#endif
};
2051
/* inet6-layer handler for IPPROTO_TCP: receive/error entry points plus
 * GSO/GRO offload hooks.  NOPOLICY/FINAL: xfrm policy checks are done
 * inside tcp_v6_rcv() itself, and TCP is a final (non-extension) header.
 */
static const struct inet6_protocol tcpv6_protocol = {
	.early_demux	=	tcp_v6_early_demux,
	.handler	=	tcp_v6_rcv,
	.err_handler	=	tcp_v6_err,
	.gso_send_check =	tcp_v6_gso_send_check,
	.gso_segment	=	tcp_tso_segment,
	.gro_receive	=	tcp6_gro_receive,
	.gro_complete	=	tcp6_gro_complete,
	.flags		=	INET6_PROTO_NOPOLICY|INET6_PROTO_FINAL,
};
2062
/* socket() switch entry binding SOCK_STREAM/IPPROTO_TCP on AF_INET6 to
 * tcpv6_prot; PERMANENT means it can never be unregistered by modules.
 */
static struct inet_protosw tcpv6_protosw = {
	.type		=	SOCK_STREAM,
	.protocol	=	IPPROTO_TCP,
	.prot		=	&tcpv6_prot,
	.ops		=	&inet6_stream_ops,
	.no_check	=	0,
	.flags		=	INET_PROTOSW_PERMANENT |
				INET_PROTOSW_ICSK,
};
2072
/* Per-netns init: create the kernel control socket stored in
 * net->ipv6.tcp_sk (used by the v6 TCP code elsewhere in this file,
 * e.g. for sending resets — not visible in this chunk).
 */
static int __net_init tcpv6_net_init(struct net *net)
{
	return inet_ctl_sock_create(&net->ipv6.tcp_sk, PF_INET6,
				    SOCK_RAW, IPPROTO_TCP, net);
}
2078
/* Per-netns teardown: release the control socket created above. */
static void __net_exit tcpv6_net_exit(struct net *net)
{
	inet_ctl_sock_destroy(net->ipv6.tcp_sk);
}
2083
/* Batched netns exit: purge all AF_INET6 timewait sockets in one pass
 * for the whole list of dying namespaces.
 */
static void __net_exit tcpv6_net_exit_batch(struct list_head *net_exit_list)
{
	inet_twsk_purge(&tcp_hashinfo, &tcp_death_row, AF_INET6);
}
2088
/* Per-network-namespace lifecycle hooks for TCPv6. */
static struct pernet_operations tcpv6_net_ops = {
	.init	    = tcpv6_net_init,
	.exit	    = tcpv6_net_exit,
	.exit_batch = tcpv6_net_exit_batch,
};
2094
2095int __init tcpv6_init(void)
2096{
2097        int ret;
2098
2099        ret = inet6_add_protocol(&tcpv6_protocol, IPPROTO_TCP);
2100        if (ret)
2101                goto out;
2102
2103        /* register inet6 protocol */
2104        ret = inet6_register_protosw(&tcpv6_protosw);
2105        if (ret)
2106                goto out_tcpv6_protocol;
2107
2108        ret = register_pernet_subsys(&tcpv6_net_ops);
2109        if (ret)
2110                goto out_tcpv6_protosw;
2111out:
2112        return ret;
2113
2114out_tcpv6_protocol:
2115        inet6_del_protocol(&tcpv6_protocol, IPPROTO_TCP);
2116out_tcpv6_protosw:
2117        inet6_unregister_protosw(&tcpv6_protosw);
2118        goto out;
2119}
2120
/* Module exit: undo tcpv6_init() in reverse order of registration. */
void tcpv6_exit(void)
{
	unregister_pernet_subsys(&tcpv6_net_ops);
	inet6_unregister_protosw(&tcpv6_protosw);
	inet6_del_protocol(&tcpv6_protocol, IPPROTO_TCP);
}
2127
lxr.linux.no kindly hosted by Redpill Linpro AS, provider of Linux consulting and operations services since 1995.